<?php
session_start();

$username = $_POST['username'];
$password = $_POST['password'];

require( 'mysqli_connect.php' );

$query = "SELECT * FROM user WHERE username = '" . $username . "' AND password = '" . $password . "'";

$result = mysqli_query($dbc, $query);

if ($record = mysqli_fetch_array($result)) {
    $_SESSION['username'] = $username;
    $_SESSION['password'] = $password;
    
    header('Location:index.php'); // login geslaagd
} else {
    
    header('Location:login.php?error=true'); // login niet geslaagd
}
?>
